Assessment criteria for information security in public administration (Julkri)

This recommendation issued by the Information Management Board describes the assessment criteria for information security in public administration (Julkri) and provides instructions for their use.

The assessment criteria support the needs to develop and evaluate information security in all branches of public administration. It can be used to assess compliance with the information security requirements laid down in the Information Management Act, the Security Classification Decree and partly also the GDPR.

The organisation must identify the material risks to data processing and dimension the data security measures in accordance with the risk assessment. In its procurements, the organisation must ensure that appropriate data security measures have been implemented in the information system to be procured.

Updated: 11/3/2025

Digitalise your service path

Enhance information management

Improve service quality

Protect your data

Open, share and utilise data

Enhance information management

Protect your data

Develop responsibly

Open, share and utilise data

Assessment criteria for information security in public administration (Julkri)

Are you satisfied with the content on this page?